Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
File: LKyEzuxXs1-jlTSuIwCa6oICOao.mft (raw, json)
Hash identifier: l7T/CUS4tBEDrH9/e5w63Q8RTY8MNzA4Jp8oLKsSQnc=
Subject key identifier: DE:52:FC:8B:FE:D7:9F:F7:0A:3E:7E:F2:F0:83:58:C5:E2:CB:8C:09
Authority key identifier: 2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
Certificate issuer: /CN=2cac84ceec57b35fa39534ae23009aea820239aa
Certificate serial: 019A4E18A4950BC053F00E8C3A8D86774D21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
Manifest number: 0932
Signing time: Tue 04 Nov 2025 09:00:28 +0000
Manifest this update: Tue 04 Nov 2025 09:00:28 +0000
Manifest next update: Wed 05 Nov 2025 09:00:28 +0000
Files and hashes: 1: LKyEzuxXs1-jlTSuIwCa6oICOao.crl (hash: /EVwoMX7g4UsRz84pQtKCfSQM0VRNgQTYF9t2RblTy8=)
2: cj0dff8EdsGG8DaopETeofzcldw.roa (hash: 06o/5+ZmJQt03Z2LLNo5k4a7U1bSw5gDTRAuW+tjkok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:a4:95:0b:c0:53:f0:0e:8c:3a:8d:86:77:4d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cac84ceec57b35fa39534ae23009aea820239aa
Validity
Not Before: Nov 4 09:00:28 2025 GMT
Not After : Nov 5 09:00:28 2025 GMT
Subject: CN=de52fc8bfed79ff70a3e7ef2f08358c5e2cb8c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5e:82:06:89:5d:2f:57:72:ec:08:a0:9c:94:
cb:c2:f7:bd:ea:b2:37:7e:00:c3:71:a6:5b:76:03:
31:ba:7a:7f:93:19:f0:94:c2:2c:2a:ef:0b:ff:ba:
ad:86:d5:ad:ed:9e:ef:47:85:b9:15:4e:fe:0d:99:
b1:07:5b:40:b8:63:96:1d:a2:27:1e:9a:d0:28:86:
9d:19:1d:34:2f:1e:b6:67:90:71:91:e1:05:73:90:
33:cc:3b:c9:43:eb:7c:e6:b8:24:1a:ba:77:93:0a:
6b:bb:c9:84:fd:68:79:23:16:93:24:a4:e6:b4:33:
97:b0:9f:97:92:ae:09:ac:8d:ed:33:c0:1e:5d:f9:
79:62:cd:f8:ec:c0:c2:c0:11:7b:8a:da:4d:80:6b:
5c:0a:02:8f:df:43:d6:1e:77:38:d2:e4:20:6c:d4:
ce:02:6f:97:92:d7:3a:5f:47:48:12:f0:c2:48:25:
7d:44:de:ce:be:75:61:b1:30:ba:01:6f:f9:87:98:
80:85:0a:bd:0e:7d:ee:b7:d2:34:d9:b4:6b:31:65:
3a:04:83:bb:27:da:d2:67:c7:61:38:b8:84:8e:3a:
8b:f4:54:9d:4f:87:9b:71:d3:3b:ff:1e:95:c2:c8:
ac:46:a2:7a:bc:80:db:43:be:04:7c:20:64:2c:93:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:52:FC:8B:FE:D7:9F:F7:0A:3E:7E:F2:F0:83:58:C5:E2:CB:8C:09
X509v3 Authority Key Identifier:
keyid:2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:fc:0a:70:d7:44:9d:71:5e:44:7a:f0:ec:f3:ec:c9:ef:e5:
5b:b7:74:8b:d1:78:b8:08:da:21:05:22:ee:8b:3f:a2:08:3c:
52:a5:f1:80:c1:14:a0:57:b9:27:fa:f0:a1:d6:52:0d:ab:2f:
ef:33:73:54:67:32:e5:0a:22:96:2c:04:30:eb:75:1d:04:0f:
69:ce:69:19:f4:45:f0:9c:ae:c9:03:2f:79:93:0f:92:9e:eb:
36:52:f5:d1:ab:8c:9a:62:2e:59:b4:55:f4:9c:7f:a4:cb:db:
52:81:ba:3f:01:e9:f7:22:77:b7:27:bd:ff:52:19:b3:43:6c:
ee:31:61:ea:7e:40:6d:89:bb:e9:ea:ee:8f:a3:0e:56:c0:af:
5a:be:40:54:15:1a:90:1d:7f:63:8c:28:1b:4c:bf:45:2f:8c:
7a:cc:cf:ef:ad:f3:4f:ab:9e:92:a5:73:9b:d0:28:ee:83:80:
41:8c:7d:81:31:32:b4:75:6f:11:f3:04:32:80:be:72:2a:84:
92:89:0c:43:e0:aa:88:07:e1:6b:2b:4d:fb:a8:36:ac:73:af:
6c:c0:bd:ab:4b:6e:db:e3:b6:fe:eb:1f:b6:6c:66:15:37:0a:
98:cf:3c:99:35:11:3c:e7:1a:57:4e:e9:c8:a0:a4:90:45:81:
29:0e:7f:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGKSVC8BT8A6MOo2Gd00hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWM4NGNlZWM1N2IzNWZhMzk1MzRhZTIzMDA5YWVhODIw
MjM5YWEwHhcNMjUxMTA0MDkwMDI4WhcNMjUxMTA1MDkwMDI4WjAzMTEwLwYDVQQD
EyhkZTUyZmM4YmZlZDc5ZmY3MGEzZTdlZjJmMDgzNThjNWUyY2I4YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl6CBoldL1dy7AignJTLwve96rI3
fgDDcaZbdgMxunp/kxnwlMIsKu8L/7qthtWt7Z7vR4W5FU7+DZmxB1tAuGOWHaIn
HprQKIadGR00Lx62Z5BxkeEFc5AzzDvJQ+t85rgkGrp3kwpru8mE/Wh5IxaTJKTm
tDOXsJ+Xkq4JrI3tM8AeXfl5Ys347MDCwBF7itpNgGtcCgKP30PWHnc40uQgbNTO
Am+Xktc6X0dIEvDCSCV9RN7OvnVhsTC6AW/5h5iAhQq9Dn3ut9I02bRrMWU6BIO7
J9rSZ8dhOLiEjjqL9FSdT4ebcdM7/x6VwsisRqJ6vIDbQ74EfCBkLJN1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5S/Iv+15/3Cj5+8vCDWMXiy4wJMB8GA1UdIwQY
MBaAFCyshM7sV7Nfo5U0riMAmuqCAjmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYt
ZWRlNzBjOGVkNTEzLzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYtZWRlNzBjOGVkNTEz
LzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsfwKcNdE
nXFeRHrw7PPsye/lW7d0i9F4uAjaIQUi7os/ogg8UqXxgMEUoFe5J/rwodZSDasv
7zNzVGcy5QoiliwEMOt1HQQPac5pGfRF8JyuyQMveZMPkp7rNlL10auMmmIuWbRV
9Jx/pMvbUoG6PwHp9yJ3tye9/1IZs0Ns7jFh6n5AbYm76eruj6MOVsCvWr5AVBUa
kB1/Y4woG0y/RS+MeszP763zT6uekqVzm9Ao7oOAQYx9gTEytHVvEfMEMoC+ciqE
kokMQ+CqiAfhaytN+6g2rHOvbMC9q0tu2+O2/usftmxmFTcKmM88mTURPOcaV07p
yKCkkEWBKQ5/ZA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:08:59 2025 by rpki-client